Compare Cisco ASA NGFW vs. Fortinet FortiGate

Cancel
You must select at least 2 products to compare!
Cisco ASA NGFW Logo
68,080 views|51,092 comparisons
Fortinet FortiGate Logo
170,359 views|120,790 comparisons
Most Helpful Review
Find out what your peers are saying about Cisco ASA NGFW vs. Fortinet FortiGate and other solutions. Updated: July 2020.
431,790 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
Unfortunately in Cisco, only the hardware was good.The traffic inspection and the Firepower engine are the most valuable features. It gives you full details, application details, traffic monitoring, and the threats. It gives you all the containers the user is using, especially at the application level. The solution also provides application visibility and control.If we look at the Cisco ASA without Firepower, then one of the most valuable features is the URL filtering.It's easy to integrate ASA with other Cisco security products. When you understand the technology, it's not a big deal. It's very simple.The benefits we see from the ASA are connected to teleworking as well as, of course, having the basic functionality of a firewall in place and the prevention of attacks.On the network side, where you create your rules for allowing traffic — what can come inside and what can go out — that works perfectly, if you know what you want to achieve. It protects you.If you have a solution that is creating a script and you need to deploy many implementations, you can create a script in the device and it will be the same for all. After that, you just have to do the fine tuning.They provide DDoS protection and multi-factor authentication. That is a good option as it enables work-from-home functionality.

More Cisco ASA NGFW Pros »

Advanced routing (RIP, OSPF, BGP, PBR). It gives you a seamless and simple integration into a large network.We use the FortiGate Sandbox to detect zero-day vulnerabilities, such as anomalies or malware, that are unknown and have not yet been discovered.We are a visual effects company, and there have been a number of high profile security issues in our industry. This has brought us to a higher standard of security, which our clients are very keen on these days.Virtual Domains (VDOMs) are a feature that we found valuable.SSL-VPN is very useful for us and has been very reliable.FortiGate Secure SD-WAN includes best-of-breed next-generation firewall (NGFW) security, SD-WAN, advanced routing, and WAN optimization capabilities, delivering a security-driven networking WAN edge transformation in a unified offering.The most valuable feature is the VDOM, which allows the customer to have multiple firewalls in a single campus.The security features are about the best that I've seen anywhere.

More Fortinet FortiGate Pros »

Cons
In NGFW, Cisco should be aligned with the new technology and inspection intelligence because Cisco is far behind in this pipeline.Security generally requires integration with many devices, and the management side of that process could be enhanced somewhat. It would help if there was a clear view of the integrations and what the easiest way to do them is.One area where the ASA could be improved is that it doesn't have AMP. When you get an ASA with the Firepower model, ASA with FTD, then you have advanced malware protection.If I want to activate IPS features on it, I have to buy another license. If I want Cisco AnyConnect, I have to buy another license. That's where we have challenges.Cisco missed the mark with all the configuration steps. They are a pain and, when doing them, it looks as if we're using a very old technology — yet the technology itself is not old, it's very good. But the front-end configuration is very tough.Cisco provides us with application visibility and control, although it's not a complete solution compared to other vendors. Cisco needs to work on the application behavior side of things, in particular when it comes to the behavior of SSL traffic.It is expensive.We were also not too thrilled when Cisco announced that in the upcoming new-gen ASA, iOS was not going to be supported, or if you install them, they will not be able to be managed through the Sourcefire. However, it seems like Cisco is moving away from the ASA iOS to the Sourcefire FireSIGHT firmware for the ASA. We haven't had a chance to test it out.

More Cisco ASA NGFW Cons »

I think there could be more QoS featuresWe would like to see a better training platform implemented.We had a minor problem where there was a major system upgrade on the hardware platfrom and the Mac client was not available as soon as it might have been. The PC client was available immediately, but we had to wait a month or so, before there was a mac client. I was slightly irritated that it was not ready on time, but it was eventually resolved.To the best of my knowledge, Fortinet does not have a CASB solution and Fortinet does not have a Zero trust solution.The user interface could be improved to make it less confusing and easier to set up.There is a lot of improvement needed with SSL-VPN.Improvement is needed in the Web Filter quotas to restrict users with allocated quotas.Technical support for this solution can be improved.

More Fortinet FortiGate Cons »

Pricing and Cost Advice
Always consider what you might need to reduce your wasted time and invest it in other solutions.There is room for improvement in the pricing when compared to the market. Although, when you compare the benefits of support from Cisco, you can adjust the value and it becomes comparable, because you usually need very good support. So you gain value there with this device.When it comes to Cisco, the price of everything is higher. Cisco firewalls are expensive, but we get support from Cisco, and that support is very active.It's a brilliant firewall, and the fact that it comes with a perpetual license really does go far in terms of helping the organization in not having to deal with those costs on an annual basis. That is a pain point when it comes to services like the ones we have on Fortigate. That's where we really give Cisco firewalls the thumbs up.Cisco is expensive, but you do get benefits for the price.In terms of costs, other solutions are more expensive than Cisco. Palo Alto is more expensive than Cisco.Pricing varies on the model and the features we are using. It could be anywhere from $600 to $1000 to up to $7,000 per year, depending on what model and what feature sets are available to us.We used Check Point and the two are comparable. Cost was really what put us onto the ASAs... the price tag for Check Point was exorbitantly more than what it is for the ASA solution.

More Cisco ASA NGFW Pricing and Cost Advice »

Setup cost may be not so low, as you expect, because it depends on different factors, but TCO for 5 years may pleasantly surprise you.Fortinet is the least expensive solution.Fortinet Secure SD-WAN delivered the lowest total cost of ownership (TCO) per Mbps among all other vendors.The pricing for this solution is good.Before choosing a piece of equipment you have to take into account the cost-benefit offered by each one. Sometimes it is not worth paying a very cheap price to have a minimum level of security.Each feature costs money, so it is important to study your needs.I would say that all things considered, the pricing is pretty good.Fortinet is reasonable in pricing and licensing. Overall, FortiGate is affordable. The licensing fee can be a little high, depending on the budget for your project.

More Fortinet FortiGate Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
431,790 professionals have used our research since 2012.
Answers from the Community
Mubashar Hanif
Ranking
2nd
out of 54 in Firewalls
Views
68,080
Comparisons
51,092
Reviews
45
Average Words per Review
590
Avg. Rating
7.9
1st
out of 54 in Firewalls
Views
170,359
Comparisons
120,790
Reviews
46
Average Words per Review
359
Avg. Rating
8.6
Popular Comparisons
Compared 9% of the time.
Compared 6% of the time.
Compared 4% of the time.
Compared 11% of the time.
Compared 9% of the time.
Compared 8% of the time.
Compared 6% of the time.
Also Known As
Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire FirewallsFortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
Learn
Cisco
Fortinet
Overview

Adaptive Security Appliance (ASA) is Cisco's end-to-end software solution and core operating system that powers the Cisco ASA product series. This software solution provides enterprise-level firewall capabilities for all types of ASA products, including blades, standalone appliances and virtual devices. Adaptive Security Appliance provides protection to organizations of all sizes, and allows end-users to access information securely anywhere, at any time, and through any device.

Adaptive Security Appliance is also fully compatible with other key security technologies, and so provides organizations with an all-encompassing security solution.

Block more threats and quickly mitigate those that do breach your defenses with the industry’s first threat-focused NGFW.

The FortiGate family of NG firewalls provides proven protection with unmatched performance across the network, from internal segments, to data centers, to cloud environments. FortiGates are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.

Offer
Learn more about Cisco ASA NGFW
Learn more about Fortinet FortiGate
Sample Customers
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.Pittsburgh Steelers, LUSH Cosmetics, NASDAQ, Verizon, Arizona State University, Levi Strauss & Co. Whitepaper and case studies here
Top Industries
REVIEWERS
Financial Services Firm20%
Manufacturing Company10%
Comms Service Provider9%
University8%
VISITORS READING REVIEWS
Computer Software Company28%
Comms Service Provider21%
Media Company7%
Government5%
REVIEWERS
Comms Service Provider18%
Energy/Utilities Company8%
Financial Services Firm8%
Real Estate/Law Firm6%
VISITORS READING REVIEWS
Computer Software Company26%
Comms Service Provider22%
Media Company7%
Government5%
Company Size
REVIEWERS
Small Business35%
Midsize Enterprise25%
Large Enterprise40%
VISITORS READING REVIEWS
Small Business33%
Midsize Enterprise22%
Large Enterprise46%
REVIEWERS
Small Business47%
Midsize Enterprise25%
Large Enterprise28%
VISITORS READING REVIEWS
Small Business49%
Midsize Enterprise22%
Large Enterprise29%
Find out what your peers are saying about Cisco ASA NGFW vs. Fortinet FortiGate and other solutions. Updated: July 2020.
431,790 professionals have used our research since 2012.
Cisco ASA NGFW is ranked 2nd in Firewalls with 48 reviews while Fortinet FortiGate is ranked 1st in Firewalls with 48 reviews. Cisco ASA NGFW is rated 8.0, while Fortinet FortiGate is rated 8.6. The top reviewer of Cisco ASA NGFW writes "Gives us visibility into potential outbreaks as well as malicious users trying to access the site". On the other hand, the top reviewer of Fortinet FortiGate writes "Don't underestimate FortiAnalyzer. It can give you a better understanding of what is going on in your network". Cisco ASA NGFW is most compared with Cisco Firepower NGFW, Meraki MX , SonicWall TZ, Palo Alto Networks WildFire and pfSense, whereas Fortinet FortiGate is most compared with Meraki MX , pfSense, Sophos UTM, SonicWall TZ and Cisco Firepower NGFW. See our Cisco ASA NGFW vs. Fortinet FortiGate report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.